[stunnel-users] Looking to confirm that stunnel is encrypting traffic via wireshark

• Previous message (by thread): [stunnel-users] How to set DSCP in stunnel?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm using stunnel to encrypt newsgroup traffic. Essentially use stunnel
to encrypt port 119 traffic (from the Pan Newsreader) then securely
communicate over 563 with astraweb secure servers. The whole set-up is
described in detail in this blog post:
http://blog.trebacz.com/2012/03/installing-stunnel-to-enable-ssl.html

The system has been "working" for several months, but someone on the
blog asked how to confirm it. I checked my logs and each time I'm
finished using Pan/Stunnel to download anything I get several entries in
my syslog like:

stunnel: LOG5[2111:140426048358144]: Connection closed: 3259 byte(s)
sent to SSL, 16756212 byte(s) sent to socket

I started to wonder does this mean some of the traffic was encrypted,
but most wasn't?

I fired up wireshark filtered the results to show port 563 traffic (
filter set to tcp.port == 563) as was suggested in another post (
http://ubuntuforums.org/showpost.php?p=5400958&postcount=9). Wireshark
does show the traffic is correctly flow through port 563 with astrawebs
newsservers when requesting data, but how do I know the traffic is
encrypted? I inspected likely packets to contain encrypted data and I
don't see anything in plain text (but they're zlib compressed also).




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20121231/c504fc02/attachment.html>

• Previous message (by thread): [stunnel-users] How to set DSCP in stunnel?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]